Merge pull request #3727 from matrix-org/erikj/dont_error_on_missing_keys

Don't log exceptions when failing to fetch server keys
2018-08-21 17:07:20 +01:00 · 2018-08-21 17:07:20 +01:00 · 46c832eaac
parent 2b1a4b2596 c2c153dd3b
commit 46c832eaac
3 changed files with 10 additions and 5 deletions
--- a/changelog.d/3727.misc
+++ b/changelog.d/3727.misc
@ -0,0 +1 @@
+Log failure to authenticate remote servers as warnings (without stack traces)
--- a/synapse/crypto/keyclient.py
+++ b/synapse/crypto/keyclient.py
@ -18,7 +18,9 @@ import logging
 from canonicaljson import json

 from twisted.internet import defer, reactor
+from twisted.internet.error import ConnectError
 from twisted.internet.protocol import Factory
+from twisted.names.error import DomainError
 from twisted.web.http import HTTPClient

 from synapse.http.endpoint import matrix_federation_endpoint
@ -47,12 +49,14 @@ def fetch_server_key(server_name, tls_client_options_factory, path=KEY_API_V1):
                server_response, server_certificate = yield protocol.remote_key
                defer.returnValue((server_response, server_certificate))
        except SynapseKeyClientError as e:
-            logger.exception("Error getting key for %r" % (server_name,))
+            logger.warn("Error getting key for %r: %s", server_name, e)
            if e.status.startswith("4"):
                # Don't retry for 4xx responses.
                raise IOError("Cannot get key for %r" % server_name)
+        except (ConnectError, DomainError) as e:
+            logger.warn("Error getting key for %r: %s", server_name, e)
        except Exception as e:
-            logger.exception(e)
+            logger.exception("Error getting key for %r", server_name)
    raise IOError("Cannot get key for %r" % server_name)


--- a/synapse/federation/transport/server.py
+++ b/synapse/federation/transport/server.py
@ -261,10 +261,10 @@ class BaseFederationServlet(object):
            except NoAuthenticationError:
                origin = None
                if self.REQUIRE_AUTH:
-                    logger.exception("authenticate_request failed")
+                    logger.warn("authenticate_request failed: missing authentication")
                    raise
-            except Exception:
-                logger.exception("authenticate_request failed")
+            except Exception as e:
+                logger.warn("authenticate_request failed: %s", e)
                raise

            if origin:
				`@ -0,0 +1 @@`
				`Log failure to authenticate remote servers as warnings (without stack traces)`